From the fuzzing work, found found 280 certificates that had very bizarre dependencies that resulted in diverse paths being taken. The fuzz testing for x.509 parsing did not result in any crashes. Did find bugs with some DER fuzzing, related to performance, but the right things seemed to happen.

Still looking at low impact, low likelihood, low severity potential vulnerabilities, but overall the code is looking very solid.

As Poly1305 and CHaCha20 were added recently, we'd like to take another look.